Description of problem: When we use UEFI loader, the /usr/share/OVMF/OVMF_CODE.fd will include a build-in virtio-net driver. So in this case, <rom file=''/> is acceptable with <model type='virtio'/> in the interface section.But libvirt -1.3.5 will fail to validate the xml. Version-Release number of selected component (if applicable): libvirt-1.3.5-1.el7.x86_64 How reproducible: 100% Steps to Reproduce: 1. when edit a guest's xml with uefi loader and virtio type interface with rom file blank: <os> <type arch='x86_64' machine='pc-i440fx-rhel7.2.0'>hvm</type> ** <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> ** <nvram>/var/lib/libvirt/qemu/nvram/ovmf_VARS.fd</nvram> <boot dev='hd'/> </os> ... <interface type='network'> <source network='default'/> <model type='virtio'/> <rom file=''/> </interface> ... # virsh edit ovmf error: XML document failed to validate against schema: Unable to validate doc against /usr/share/libvirt/schemas/domain.rng Extra element devices in interleave Element domain failed to validate content Failed. Try again? [y,n,i,f,?]: 2.edit the guest to delete the <rom file=''/>, the xml validated ok. Actual results: The xml fail to validate with <rom file=''/>; After delete this line, validate succeed. Expected results: virt-validate-xml should be succeed in this special case(only for OVMF+virtio-net). Additional info:
Using <rom bar='off'/> is equivalently good. However, it is indeed the case that <rom file=''/> used to work in RHEL 7.x previously, but it is not accepted now. In other words, it is still possible to configure the domain XML in such a way that the iPXE oprom is not loaded into the NIC, and OVMF's builtin virtio-net driver is used instead. If that is the only goal here, then there is no issue. However, if we're concerned about backwards compatibility for the domain XML, which is a more general question, then <rom file=''/> should continue to work.
I think if this has ever worked, it's because a bug we had. I mean, in the past, libvirt did not validate the user provided XML. But from a certain release it does. And truth to be told, <rom file=''/> looks like a misuse of our bug (where we are accepting empty string as a path). However, the bug is still there, because users can bypass the XML validation,for instance by pressing 'i' i virsh: Element domain failed to validate content. Failed. Try again?[y,n,i,f,?]: So we need to fix this. But this is not a RHEL material I guess. Moreover, the bug is handled just right in libvirt - the validation is done only on user's input and not when libvitd is loading saved domain XMLs on its startup. So old configs continue working as they are, new need to obey the schema.
The proposal certainly works for me, especially given that <rom bar='off'/> already achieves the desired result. The confusion stems from the fact (I think) that the -device XXXX,romfile='' property is accepted by QEMU, and users might expect that to translate directly to the domain XML. I think comment 3 is a good idea.